forked from ory/fosite-example
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
69 lines (58 loc) · 2.38 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
package main
import (
"fmt"
"log"
"net/http"
"os"
"os/exec"
"github.com/ory/fosite-example/authorizationserver"
"github.com/ory/fosite-example/oauth2client"
"github.com/ory/fosite-example/resourceserver"
goauth "golang.org/x/oauth2"
"golang.org/x/oauth2/clientcredentials"
)
// A valid oauth2 client (check the store) that additionally requests an OpenID Connect id token
var clientConf = goauth.Config{
ClientID: "my-client",
ClientSecret: "foobar",
RedirectURL: "http://localhost:3846/callback",
Scopes: []string{"photos", "openid", "offline"},
Endpoint: goauth.Endpoint{
TokenURL: "http://localhost:3846/oauth2/token",
AuthURL: "http://localhost:3846/oauth2/auth",
},
}
// The same thing (valid oauth2 client) but for using the client credentials grant
var appClientConf = clientcredentials.Config{
ClientID: "my-client",
ClientSecret: "foobar",
Scopes: []string{"fosite"},
TokenURL: "http://localhost:3846/oauth2/token",
}
// Samle client as above, but using a different secret to demonstrate secret rotation
var appClientConfRotated = clientcredentials.Config{
ClientID: "my-client",
ClientSecret: "foobaz",
Scopes: []string{"fosite"},
TokenURL: "http://localhost:3846/oauth2/token",
}
func main() {
// ### oauth2 server ###
authorizationserver.RegisterHandlers() // the authorization server (fosite)
// ### oauth2 client ###
http.HandleFunc("/", oauth2client.HomeHandler(clientConf)) // show some links on the index
// the following handlers are oauth2 consumers
http.HandleFunc("/client", oauth2client.ClientEndpoint(appClientConf)) // complete a client credentials flow
http.HandleFunc("/client-new", oauth2client.ClientEndpoint(appClientConfRotated)) // complete a client credentials flow using rotated secret
http.HandleFunc("/owner", oauth2client.OwnerHandler(clientConf)) // complete a resource owner password credentials flow
http.HandleFunc("/callback", oauth2client.CallbackHandler(clientConf)) // the oauth2 callback endpoint
// ### protected resource ###
http.HandleFunc("/protected", resourceserver.ProtectedEndpoint(appClientConf))
port := "3846"
if os.Getenv("PORT") != "" {
port = os.Getenv("PORT")
}
fmt.Println("Please open your webbrowser at http://localhost:" + port)
_ = exec.Command("open", "http://localhost:"+port).Run()
log.Fatal(http.ListenAndServe(":"+port, nil))
}